Genachowski on Cybersecurity

5/23/2011 12:01 AM Eastern

By: John Eggerton

As the White House rolled out its cybersecurity framework last week, the FederalCommunications Commission launched its own inititative, initially targeted atsmall businesses. FCC chairman Julius Genachowski responded via e-mail to somequestions from Multichannel News Washington bureau chief John Eggerton about theagency’s role in enforcing broadband security. An edited transcript follows.

MCN: The National Broadband Plan calledfor a cybersecurity road map within 180 days,expanded reporting requirements, a voluntarycertification program, andworking with the Departmentof Homeland Securityon a cybersecurity-informationreporting system. Whatis the status of those?

Julius Genachowski: Weare working with our partnersacross government, asthe plan called for, on cybersecurityissues. We have takensteps where appropriate.

MCN: What should thecybersecurity takeaway advice be for ISPs likeComcast or Cox, or small cable operators whoare both small businesses and ISPs?

JG: As larger ISPs may better protect themselves,small businesses, including smallcable operators, are often becoming the lowhanging fruit for cyber criminals. The bigtake-away advice from todayis that educating businessowners on simple steps toprotect themselves can go along way to helping them securetheir businesses. … The10 tips we’ve put together is agreat place to start. So is thenew FCC web page devoted tocybersecurity for small businesses.

MCN: So, this would seem toargue for an FCC interpretationof reasonable network managementunder the network-neutrality rules that leavesplenty of room for dealing with malware,viruses and cyber-attacks?

JG: The Open Internet Order says, ‘Broadbandproviders may implement reasonable practicesto ensure network security and integrity,including by addressing traffic that is harmfulto the network.’ [A] footnote [in the order] cites‘spam, botnets, distributed denial of serviceattacks, worms, malware, and viruses that exploitend-user system vulnerabilities as threats[or] harmful traffic that can be blocked].’

MCN: Can and will the FCC make securitybreach notifications or advice on personalcybersecurity part of its transparency requirementfor network-neutrality rule enforcement?

JG: At this point it is undetermined, but ingeneral, a resilient, reliable and secure communicationsinfrastructure is vital to safeonline transactions, and the FCC is workinghard to make sure the public communicationnetworks are hardened and robust.